.Loading..Loading.

Agent Common

• 761534 Beta Version EPM Self-Updating, Self-Healing Agent

  • We are continuing to expand the "Beta" version of our new Engine Based Agent. This is designed to be self-healing and self-updating. It will include reports on each of the component engines on all clients in the console. To enable this feature, you must add this new registry key before starting your console. [HKEY_LOCAL_MACHINE\SOFTWARE\Ivanti\ManagementSuite] "EnableNewAgent"=dword:00000001
    

    • Here is a link to a Community Article: Ivanti EPM Engine Based Agent Information
      
    
    Updates in SU1:
    • You can now easily deploy the Engine-Based Agent to existing agents via a new SWD package type.
    • On upgrade from old agent type, EBA will keep the currently applied agent config unless an assignment has been made on the core.
    • Full upgrade abilities have been enabled in this release.
    • Any SU applied will cause the agent to be able to upgrade the installer, update service, and engines.
    • EBA downloads (from core) and installs .Net 4.8 if not already installed.
    • Right click option to “Force agent check in”.
    • Individual engines don’t show up in add/remove programs
    Engines shipped in 2022
    • CBA
    • BaseEngine (New to the Engine Based Engine)
    • Patch
    • Inventory
    • Remote Control
    • Software Distribution
    • Shared Files
    • Notifications Manager
    • Bitdefender Antivirus
    • AMT
    Engines added in 2022 SU1
    • Provisioning
    • Endpoint Security
    • Application Monitor
    • Privilege Management
    • Antivirus Engine
    • Alerting
    • Real-time Monitoring

Autopilot

• 923346 Allow PowerShell scripts to set the device name during Autopilot hybrid-join provisioning
  • Allow device naming via a customer-supplied PowerShell script. Because Microsoft Autopilot does not allow us to customize device naming during AAD-join provisioning, this feature only applies to hybrid-join provisioning. We control the process of naming the device during hybrid-join provisioning.
• 923395 Add Product Code detection rule support to Autopilot
  • • Admins can create a product code and it auto-populates a single field with the product code it finds in the selected MSI file.
    • The Application configuration UI now provides the ability to create an MSI (Product Code) Detection rule.
    • The UI extracts the product code from an .msi file or .msi file wrapped in the .intunewin format
    • The Detection rule indicates the app is installed if the product code is found in the registry or not installed if not found
    • We do not display the msi product code option for non-msi applications
    • The product code is saved in the azure application record so if a user wants to add an msi rule after initially creating the app they can
    • When editing an app that was created in a prior version and therefore does NOT have it's product code saved, we try to get the product code out of the file in the same filepath the original msi was in. Warn the user that if they changed the msi the product code won't be correct. If there isn't a file in the original filepath then just don't attempt to get a product code and let the user know.

Core Sync

• 805866 Support in Core Sync for N-1 version
  • Core Sync can now sync objects from an older version of EPM to a newer version. Starting with EPM 2022 SU1 you can core sync the current version and one version back.

Data Analytics

• 797107 Remove Silverlight from Data Analytics (DA)
  • There are 5 Dashboard reports that were using a Silverlight wrapper to generate charts for each of the dashboard reports. These reports are now available in the new web console now without having to install Silverlight. These include:
    • Memory Dashboard
    • Patch Dashboard
    • Processor BarChart Dashboard
    • Processor Dashboard
    • Server Dashboard

Diagnostics Tool

• 910736 Beta Version Add EPM Troubleshooting Tool as a Beta Feature
  • Added a new UI that collects all the logs into one UI. Displays all logs under the logs folder in chronological order. The logs are filterable by Log name, Time, and Severity. The logs can be toggled on and off or you can quick search all logs by type.
    It ships hidden by default and can be accessed one of two ways:
    • Run Ivanti.ManagementSuite.Troubleshooting.exe under the ManagementSuite folder
    • It can also be added to the Console's Help menu by setting this registry key:
    • HKLM\Software\lvanti\Managementsuite-EnableTroubleshooting=1
    
    Here is a link to a Community Article: Log Viewer - New Troubleshooting Tool
    Please contact customer support for more details. We would love your feedback on this new feature.

Inventory

• 933414 Inventory entry for Installed Antivirus products
  • The inventory location (BNF) is Computer / Security / Antivirus Software / Product, this will report the presence of any Antivirus software products installed on Windows Workstations.
    **The WMI data that we are gathering for this does NOT exist on Windows server OS.

Mac

• 917631 Add Inventory Support for Mac Agent Behaviors
  • Admins can now see what agent behaviors are set for each endpoint.
• 926871 Add Inventory support for Reporting on managed kernel and system extensions through EPM for Intel and M1 Macs
  • Mac kernel and system extensions information has been added to inventory

Patch Manager

• 874058 Add support for Oracle Linux OS
  • EPM now supports Oracle Linux OS like the other Linux OSs
    Including the following:
    
    • Inventory data
    • Software Distribution
    • Patch
    • In addition all vulnerabilities are registered in Scan folder in Patch and Compliance menu
    • Vulnerability properties -> Package properties
    • Patch Repair tasks
    • The log file is located here: C:\Program Files\LANDesk\ManagementSuite\log\WSVulnerabilityCore.dll.log
• 907145 Add ability to Create Custom Patch Campaigns
  • We are now able to create a Patch Campaign for a custom patch group.
    Additional highlights
    • Custom Patch Campaigns won’t repeat​.
    • Global Autofix can be set for the vulnerabilities included in that campaign, after the campaign has ended​.
• 907146 Add patching for Microsoft Office LTSC 2021
  • Able to patch Office LTSC 2021 with Multi-select configuration options.

Provisioning

• 487016 Support latest OSs in HII including Windows Server 2016+ & Windows 10+
  • • Provisioning support for Server 2016, Server 2019, Server 2022, latest Win 10 versions, Win 11.
    • Enhanced the provisioning workflow to display all supported OS.
    • Improved server and client logging.
    • Added an EPM Console warning regarding “unsigned drivers” when performing HII Provisioning Template Actions. Unsigned drivers will not load when Windows Secure Boot is enabled.

Software Distribution

• 869356 SWD package location should default to use https
  • We now default to the more secure https for the "files". You can manually enter http if needed.
• 931285 Add a Default Package Timeout
  • You can now specify a global default for package installation timeout. (Applies only to new packages). Windows Actions now supports installation timeout setting

Web Console 2.0

• 907174 Pagination
  • Supports pagination of long lists
• 907176 Export
  • Able to export a list so that you can work on it offline and take advantage of the customization feature of Excel or other formats.
• 907178 Notification Panel
  • Able to see a list of recent notifications of actions initiated from the web console.
• 907180 Several UX Improvements
  • Several UX updates made to the Web Console.
• 911065 Physical (NIC) Address information
  • Added the information about MAC address in the Network Card of the Device Additional Details

Console

• 922283 Auditing not properly capturing the Console user who initializes the command
  • Audit logs enhanced to show the name of the console user who initiated a remote command to a managed device instead of "NT AUTHORITY\NETWORK SERVICE"

Firewall

• 926626 Agent installation fails if the Windows Defender Firewall Service "MPSSVC" is disabled.
  • When the Windows Defender Firewall Service "MPSSVC" is disabled, the agent install will no longer attempt to modify the firewall and will continue installation as expected.

Inventory

• 929834 Inventory is flagging Azure virtual desktops as servers.
  • Fixed Inventory to show Azure virtual desktop devices as workstation type.

• 903050 Wildcard entries are duplicated in ldappl3.ini
  • Fixed Inventory to only show single entries for wildcard items in the ldappl3.ini

Mac

• 868275 Mac Profiles are not being collected in Inventory Scans
  • The new inventory scanner properly reports configuration profiles
• 912271 When the Mac agent installs the com.landesk.ldms.plist file is not properly updated which causes Inventory to be incorrect.
  • Agent installs now update the plist to the correct parameters. 
• 917217 EPM Mac Agent installer doesn't delete agent settings hash files when upgrading.
  • Installer now deletes the old settings hash files before upgrading.
• 917631 Installing new Mac agent does not pull new settings
  • The old hash files used to track changes to the agent behavior files are deleted as part of the new agent install, so that agent settings are properly used to update the various agent components
• 919116 Mac RC "permission required" checkbox is unchecked in Ivanti agent UI even though it is checked on Core.
  • The new Ivanti Agent Tool properly displays the settings downloaded from the core server
• 919118 RC shows version "z" in Ivanti agent UI on mac client
  • The new Ivanti Agent Tool queries IVRemoteControl to obtain the correct version
• 919119 RC shows status: "Stopped" in Ivanti agent UI on mac even though RC is actively being used on the mac client
  • The new Ivanti Agent Tool queries IVRemoteControl to obtain the correct state of IVRemoteControl
• 919120 Inventory scan last run is not being updated on Ivanti agent UI on the mac client
  • Inventory Scanner now updates Last Run info correctly.
• 919121 CBA version is showing old 11.0.4.253 after upgrade to EPM 2022
  • Updated the build to build 11.0.5.  
• 919124 EPM Mac Agent user interface is not being updated in real time.
  • The agent user interface updates in real time.
• 930674 HTML5 RC icon in Console Network view should no longer be showing up for Mac machines
  • Removed the old RC/HTML5 icons and all files associated with the Legacy RC and HTML5 RC. 

MBSDK

• 861566 MBSDK Add Device to scheduled task writes data into DB without validating
  • Validate numeric input to see if the input number is a valid computer id in computer table. 
• 873886 /distributionapi/api/v1/RebootSettings returns Distribution and Patch info instead
  • When enumerate reboot settings from database, use already created object that is initialized with reboot setting behavior, not creating default agent behavior object without specific agent behavior type. 
• 879607 Postman tasks via DistributionAPI Swagger API fails with 403 when the account credentials used is non-admin
  • When the tokens are created for the API, please ensure that User used for token creation has the rights in EPM corresponding the API action.  For example, when querying the API for reboot settings, make sure the user has EPM Console rights under Agent Set

Patch Manager

• 912477 Agent Service Update via patch manager repair task returns a failure message when the remote-control component is not installed
  • Agents are correctly updated, and repair task is successful, using Ivanti SU definitions.
• 923221 Cannot see all the parameters under Distribution/Patch settings -> Patch only settings due to Screen \ Display Resolution Size
  • For resolution set to 1280 x 800 (around 720p) in Distribution and Patch > Patch Only agent settings options: all settings are now visible.
• 923340 Patch campaign not updating
  • In Patch Automation, Patch Campaigns are updated without errors.
• 929394 Patch Tuesday campaigns say they are started and no progress.
  • In Patch Automation - Patch Tuesday campaigns were fixed to work as expected.
• 935234 Patch downloads failing when URL is using a mirror site.
  • In Patch and Compliance - Patch download is extended to work also for URLs that are using mirror sites.
• 942570 Filter Definitions- OS versions do not display
  • Download updates>Filter Definitions, OS tab filters are now correctly populated.

Provisioning

• 849805 Disconnected Provisioning Template Takes a Long Time to Start
  • When using a disconnected template, we no longer retry obtaining the client cert if the first attempt fails.  Sensitive variables and other secrets will not be accessible in this case.
• 874217 The Delete File action in OS Provisioning templates doesn't delete files over 2147483647 bytes
  • We changed to use a 64 bit file structure (instead of 32 bit) to allow reading of large file sizes. 
• 882474 PXE Services do not restart after shutting down because of loss of communication with core server
  • Using PXE_SVC_WIN registry key will force the node to win the election and stay elected even when unable to contact the core. It will resume reporting when connectivity is re-established.

Remote Control

• 919715 EPM 2022 RCViewer isn't Getting Upgraded when Upgrading from Older Version
  • RCViewer not being upgraded with the rest of the suite is resolved and will update as expected.
• 924934 Remote Control Floating Desktop icon/notification does not show the username of the user who initiated RC when the session is launched from Web Console 2.0
  • The username of the session initiator is now passed to the Remote Control session when using Web Console 2.0 and appears on the floating notification as expected.

Reporting

• 944818 Health Dashboard "Unable to contact the core server" error.
  • Changed the request to support HTTPS since the HTTP is now redirected to HTTPS

Software Distribution

• 804514 A standard EPM user with read-only rights on public packages is able to move a public package from public folder to their own folder then able to modify the said package inside their folder.
  • If the user logged into the CORE console does NOT have "public edit" rights for Software Distribution (SWD) Packages, then they will NOT be able to "move" a SWD package to a Team or "MY" folder. They can only make a copy of it.
• 895548 Wrong messages showing on toast notifications when certain options are selected
  • Fixed to show correct timeout action.
• 899434 Error when adding a folder to additional files on Windows Action packages - SWD
  • We now check for null/empty primary file when getting a file list so that we handle the folder's structure properly.
• 920692 S3 bucket download failure of large file when in a subfolder of the share.
  • Updated the path to be correct in all cases.
• 921061 SDMCache file retention issue. If the "Number of days files stay in cache" is over a certain number of days, the files are deleted daily.
  • The value processed was changed to a larger variable type to handle much large retention values in days (which are converted to seconds). This means the files will be kept according to the settings in Client Connectivity Settings and correctly displayed
• 934186 Issue with task status when multicast and "Always reboot" setting is used.
  • For reboot reconnect, do not try to download files that were already downloaded before reboot.

Web Console

• 908867 Web Console 2.0 Result column not accurate for some SWD task return codes
  • The Web Console displays the Return Code and Result columns like it does in the desktop console.

XDD-UDD

• 912897 UDD Wireless Access Points "Mark as Allowed" does not do anything
  • Fix the right click allow and not allow for WAPs. Also fix UDD scans putting APs in the right group.

Agent

• Must restart computer to load or unload the EBA EPS driver.
  • In this version of the new EBA EPS engine you must restart machine after EBA EPS install/uninstall for the EPS driver to load/unload

• Issue when EBA agent replaces an existing WSCFG agent.
  • Warning: There is a known issue with this installation method when it tries to uninstall a detected WSCFG agent from the device which will cause the installer to fail. As a temporary workaround manually uninstall the WSCFG agent from the device using uninstallwinclient.exe before installing an EBA installer generated from this method.

Core Server

• Windows Server 2022 is not supported for EPM 2022 SU1.
  • Microsoft has still not released a version of Server 2022 that resolves the .net issues, so it is not supported as an EPM core server OS.

Web Console 2.0

• Set up certificate for Web Console 2.0
  • Set up certificate for Web Console 2.0: https requirement. The core cert must be installed on the endpoint browsing the Web Console 2.0 in order to be https, otherwise it will try to use http.
• Use FQDN of the core in the URL https: //core-name.domain.xxx/WebConsole
  • Only FQDN (fully qualified domain name) name of the core is supported.